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DETAILED ACTION 
Claim Rejections - 35 USC §103 
The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1-43 are rejected under 35 U.S. C. 103(a) as being unpatentable over Pavlov 
(4,614,861) in view of Spratte (5,764,766). 

In reference to claims 7, 20, 31, 42-43, Pavlov discloses a system a self-contained card 
that has the ability to verify a personal identification number that is entered directly into the body 
by way of a keyboard (abstract). The self-contained card comprises: (a) a computer- 
implemented input for receiving a input access code (Fig_l part 12 in combination with column 
1 1 lines 60-67); output said datum reproducing said at least a portion of said user's confidential 
datum (TIC) if said input access code equals said user*s access code (column 12 lines 15-30); and 
(d) said generation of said output datum occurring without dependence on any storage of any 
form of said at least a portion of said confidential datum (column 12 lines 29-67). 

Although Pavlov discloses the generation of confidential data, TIC, Pavlov does not 
disclose a seed derivation module operatively connected to said input, for deriving a seed usable 
to generate at least a portion of said confidential datum; a seed-based data generation module 
implementing a predetermined data generation protocol that was previously used by a seed-based 
initialization of said confidential datum of said user, containing a representation of a seed-access 
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code relationship, and configured to generate an output datum by digitally processing said 
derived seed in accordance with said seed-access code relationship. 

Spratte discloses a system and method for encrypting data communication comprising the 
generation of an encryption key (abstract). The applicant does not define a data generation 
protocol; as a result, a data generation protocol is a method of generating data. In addition, the 
applicant does not define a seed access code. A value generated using the access code or 
identification number. The system of Spratte includes a seed derivation module operatively 
connected to said input, for deriving a seed usable to generate at least a portion of said 
confidential datum (column 2 line65 to column 3 line 1); a seed-based data generation module 
implementing a predetermined data generation protocol that was previously used by a seed-based 
initialization of said confidential datum of said user, containing a representation of a seed-access 
code relationship, and configured to generate an output datum (encryption key) by digitally 
processing (hashed) said derived seed in accordance with said seed-access code relationship 
(column 3 lines 1-10). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system of Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claims 2, 21, and 32, Pavlov discloses a system where said output datum 
does not reproduce said at least a portion of said user's confidential datum if said input access 
code does not equal said user's access code (Fig_7). 
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In reference to claims 5, 22, and 33, Pavlov discloses a system where said output datum 
has the characteristic appearance of said at least a portion of said confidential datum (Fig_7). 

In reference to claims 4, 23, and 34, Pavlov dislcoses a system where said access code is 
a PIN (Fig_7). 

Spratte discloses a system and method for encrypting data communication comprising the 
generation of an encryption key (abstract); and said confidential datum 
includes an asymmetric cryptopaphic key (column 3 Unes 1-10). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claim 5, Pavlov does not discloses a system where said output datum has 
the characteristic appearance of an asymmetric cryptographic key. 

Spratte discloses a system and method for encrypting data communication comprising the 
generation of an encryption key (abstract); said output datum has the characteristic appearance of 
an asymmetric cryptographic key. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claim 6, Pavlov discloses a system wherein the access code is a PIN 
(Fig_7). 



Application/Control Number: 09/874^795 Page 5 

Art Unit: 2135 

Spratte discloses a system and method for encrypting data communication comprising the 
generation of an encryption key (abstract); and said confidential datum includes a symmetric 
cryptographic key (column 3 lines 1-10). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficuh to hack. 

In reference to claims 7, 24, and 36, where said seed-access code relationship is a identity 
relationship, so that said derived seed equals said input access code (Fig_7). 

In reference to claims 8 and 25, a system where said seed-access code relationship 
represents said derived seed as a padded version of said input access code. 

Spratte discloses a system and method for encrypting data communication comprising the 
generation of an encryption key (abstract); and where said seed-access code relationship 
represents said derived seed as a padded version of said input access code, (column 3 lines 1-10). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claims 9, 26, and 37, Pavlov does not disclose a system where said seed- 
access code relationship includes a version of said initial seed masked by user's access code. 
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Spratte discloses a system and method for encrypting data communication comprising the 
generation of an encryption key (abstract); and where said seed-access code relationship includes 
a version of said initial seed masked by user's access code (column 3 lines 1-10). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claims 10, 27, and 38, where: (i) said masked version of said initial seed 
includes an XOR of said initial seed with said user*s access code; and (ii) said processing of said 
derived seed in accordance with said seed-access code relationship includes XORing said 
masked version of said initial seed with said derived seed. 

Spratte discloses a system wherein the initial seed (salt) is combined with the user's 
access code (primary key). XOR is a form of combining initial seed with the user's access code. 
The processing of the derived seed (hashing) as disclosed by Spratte only discloses Message 
Digest 5 as an example; therefore XORing is one another possible way to implement a hash 
function. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claim II, Pavlov does not disclose a system further comprising program 
code for updating a user's old access code with a user*s new access code by replacing said stored 
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masked version of said initial seed with its value XORed with said user s old access code XORed 
with id user's new access code. 

Spratte discloses a system further comprising program code for updating a user's old 
access code with a user's new access code by replacing said stored masked version of said initial 
seed with its value XORed with said user s old access code XORed with id user's new access 
code (column 3 lines 29-45). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claims 12, 28, and 39, Pavlov does not disclose a system where: (i) said 
seed-access code relationship includes a truncated version of said initial seed capable of being 
concatenated with said input access code to form said derived seed; and (ii) said processing of 
said derived seed in accordance with said seed-access code relationship includes concatenating 
said truncated version of said initial seed with said input access code. 

Spatte discloses combining the salt with the primary key which results in the said seed- 
access code relationship includes a truncated version of said initial seed capable of being 
concatenated with said input access code to form said derived seed. The hash result in the 
concatenation and truncation of the encryption key. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
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the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claims 13, 29, and 40, Pavlov does not dislcose a system where: (i) said 
seed-access code relationship includes values of, and associations between, a pluraHty of 
possible values of said input access code and a corresponding plurality of possible values of said 
derived seed; and (ii) said processing of said derived seed in accordance with said seed-access 
code relationship includes looking up and outputting said possible value of said derived seed 
corresponding to said input access code. 

Spatte discloses a system where (i) said seed-access code relationship includes values of, 
and associations between, a plurality of possible values of said input access code and a 
corresponding plurality of possible values of said derived seed; and (ii) said processing of said 
derived seed in accordance with said seed-access code relationship includes looking up and 
outputting said possible value of said derived seed corresponding to said input access code 
(column 3 lines 30-45). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claims 14, 30, and 41, Pavlov does not discloses a system where: (1) said 
seed derivation module is merged with said data generation module; (2) said output datum 
includes said derived seed. 
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Spatte discloses a system where: (1) said seed derivation module is merged with said data 
generation module; (2) said output datum includes said derived seed (column 3 lines 1-10). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claim 15, where said confidential datum includes a private key of said 
user, and said output datum has the characteristic appearance of a private key. 

Spatte discloses a system where: said confidential datum includes a private key of said 
user, and said output datum has the characteristic appearance of a private key (column 3 lines 1- 
10). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claim 16, where said user's public key corresponding to said user's private 
key is pseudo-public. 

Spatte discloses a system where: said user's public key corresponding to said user's 
private key is pseudo-public (column 3 lines 1-10). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
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the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claim 17, system further comprising a digital certificate containing said 
pseudo-pubhc key. 

Spatte discloses a system further comprising a digital certificate containing said pseudo- 
public key (column 3 lines 1-10). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claim 18 where said digital certifcate includes an encrypted version of 
said user's pseudo-pubhc key encrypted under a certifier's key which is not veriable except by 
authorized verifiers. 

Spatte discloses a system with an encryption key (column 3 lines 1-10). The digital 
certificate is a form of security that contains the key and certifies the ownership of the key and 
therefore added security. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to generate a key as in Spratte in the system fo Pavlov. One of ordinary skill in 
the art would have been motivated to do this because it would create keys that meet export 
conditions, but are unique enough to make them difficult to hack. 

In reference to claim 19, Pavlov discloses a system that is configured to be remotely 
accessible to a roaming user across a network (column 9 hues 64-66). 
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Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paula W Klimach whose telephone number is (571) 272-3854. 
The examiner can normally be reached on Mon to Thr 9:30 a.m to 5:30 p.m 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Rim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published appUcations 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

PWK n 
Friday, February 1 8, 2005 // 
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